Security researchers have demonstrated how it might be possible to place backdoor rootkit software on a network card.
Guillaume Delugré, a reverse engineer at French security firm Sogeti ESEC, was able to develop proof-of-concept code after studying the firmware from Broadcom Ethernet NetExtreme PCI Ethernet cards.
He used publicly available documentations and open source tools to develop a firmware debugger. He also reverse-engineered the format of the EEPROM where firmware code is stored, as well as the bootstrap process of the device.
http://www.theregister.co.uk/2010/11/23 ... d_rootkit/